Printing apparatus with data decryption

ABSTRACT

A printing apparatus includes a data reading unit that reads data from a storage device that can store pieces of data, the data reading unit being connectable to the storage device, an input panel that accepts an input a password used to decrypt encrypted data stored in the storage device, a password storing unit that stores the input password, a data decrypting unit that decrypts the encrypted data by using the stored password, a decrypted data storing unit that temporarily stores the decrypted data, and a re-decrypting unit that decrypts other encrypted data stored in the storage device by using the stored password.

CROSS-REFERENCE TO RELATED APPLICATION

This application claims priority from Japanese Patent Application No.2006-099583, filed on Mar. 31, 2006, the entire subject matter of whichis incorporated herein by reference.

TECHNICAL FIELD

Aspects of the present invention relate to a printing apparatus thatprints out an encrypted data file by subjecting the encrypted data fileto a decrypting process when the encrypted data file is printed out in adirect printing mode.

BACKGROUND

In accordance with the development of electronic equipment, variousmethods have been employed to use and manage pieces of data atworkplaces.

In combination with a decrease in market price of memory devices, ahigh-capacity medium having high portability, such as a Universal SerialBus (USB) memory or a memory card, has been used.

The memory card is accessible at high speed and is user-friendly. Thememory card has been used as a storage medium that temporarily storesimages taken with, for example, a digital camera. Such a memory card hascome to be used for printing out images taken with the digital camera bysetting the memory card directly in a printer.

Additionally, as integration degree per chip rises and storage capacityincreases, a storage medium has come to be used in a wide range ofpurposes and has been increasingly used as a medium for data movementbetween personal computers (PCs). For this use, a USB memory, which iscapable of being inserted into a USB slot provided in most personalcomputers, is widely used.

For example, there is a case in which a USB memory having a largestorage capacity is used as a storage medium for data necessitated in asection of a company. Such USB memory may be managed in the section.

As the usage pattern of data is diversified as described is above, greatimportance has come to be placed on data confidentiality.

In recent years, in accordance with an improvement in portability oflarge-volume data, internal confidential documents of a company are morelikely to leak out. If the confidential documents are leaked out, thecompany may suffer a great loss. Therefore, data security enhancement isa major task to be achieved.

Additionally, computer networks connected to the Internet are easilyinvaded by outsiders. Hence, files tend to be more tightly managed tocombat the rise in the number of crimes committed through the networks.In the present situation, many companies impose restrictions on datamovement, for example, even when an e-mail is sent together withattached data.

The same applies to a company intranet. There is a tendency to imposerestrictions on the access to folders used between different sections ofthe company. For example, files are managed such that they are not to beread, not to be taken out and not to be printed out without permission.

Especially, if data is stored in a storage device such as the USBmemory, the loss of the storage device will inevitably lead to dataleakage.

Therefore, in order to enhance security for data-file management, anaccess key to a folder on networks or an access key to a storage deviceitself may be set. Additionally, data files may be encrypted such that aspecific password is required for decrypting each data file.

However, such security enhancement may deteriorate usability of networksand storage devices.

For example, much time is consumed to print out an encrypted file whendirect printing is performed by connecting a storage device directly toa printer without passing through a personal computer.

As described above, a desire to print out a data file stored in astorage device, such as a USB memory, has been increased.

This reflects a need to print out images taken with a digital camera byinserting a memory card directly to a printer without passing through apersonal computer, or a need to print out data by inserting a memorysuch as a USB memory directly to a printer, from the viewpoint of thedata security management of a company.

Especially if data can be managed with storage devices such as USBmemories and can be printed out directly by a printer, a great securityadvantage will be obtained, because the usability and user-friendlinessof a USB memory have been improved with an increase in storage capacityof the USB memory and because the data can be printed out directly bythe printer.

However, if data stored in a storage device such as a USB memory is apiece of encrypted data in this case, a means for decrypting theencrypted data is required for the printer.

If a password has been assigned to each encrypted data file in thiscase, the password must be tiresomely input for each data file when aplurality of files are printed out.

Especially if each encrypted file has an individual password to decryptthe file, there is a need to confirm each password for each file. Thisis a complex procedure.

Furthermore, there is a case in which a password assigned to a file isset through a plurality of process steps, such as a retrieving step anda registering step. Therefore, although the security level is raised,workability is lowered. Thus, worker's operations may be affected.

JP-A-2005-99948 discloses a technique concerning an informationprocessor capable of safely transmitting a piece of printing informationto a printing apparatus and a technique concerning a printing apparatuscapable of printing out the information received from the informationprocessor.

FIG. 22 is a block diagram showing the whole structure of a system ofJP-A-2005-99948.

An information processor 310 is connected to networks via a network I/F405. Likewise, a printer 320 is connected to networks via a network I/F327.

The information processor 310 includes a data storing section 412, acryptographic key producing section 413 and an encrypting section 414.

The printer 320 includes a data storing section 322, a cryptographic keyproducing section 323, a decrypting section 324, a print data processingsection 325 and a print engine 326.

In order to print out an electronic document, the information processor310 first acquires a MAC address of the printer 320 or similar data viaa network, and the cryptographic key producing section 413 produces acryptographic key based on, for example, the MAC address. Thereafter,based on the cryptographic key, the electronic document is encrypted,and the resulting encrypted document is sent to the printer 320.

On the other hand, the printer 320 that has received the encryptedelectronic document allows the cryptographic key producing section 323to produce a cryptographic key from its own MAC address, then allows thedecrypting section 324 to decrypt the encrypted electronic documentreceived thereby and allows the print engine 326 to print out thedocument.

Since the completed cryptographic key is produced based on the same MACaddress, for example, only the printer 320 specified by the print dataprocessing section 325 can decrypt the encrypted electronic document.Therefore, a malicious third party can never acquire the data on thenetwork and can never print out the data. Accordingly, the security ofprint data can be enhanced.

However, the aforementioned has the following problems.

According to the technique disclosed by JP-A-2005-99948, a cryptographickey used for encryption is produced based on information uniquelyassigned to the printer. Therefore, if a plurality of data files storedin a storage device are printed out by the printer having the samecryptographic key, a printing operation will be scheduled to beperformed only by such a specified printer at the stage where the datafiles are encrypted, although the usability of easily inputting apassword is provided. As a result, there may be a disadvantageouspossibility that another user using the printer cannot perform aprinting operation.

Additionally, if a printing operation is performed via networks, acrucial problem will not arise, because a cryptographic key becomesunnecessary by a given printer performing the printing operation.However, when a data file is stored in a storage device and isencrypted, there is no point in encrypting the data file if a maliciousthird party knows the printer used by a user, because encryption isperformed by using a MAC address of the printer.

Therefore, when a plurality of encrypted data files are intended to beprinted out directly from the storage device, the technique disclosed byJP-A-2005-99948 is difficult to serve as an effective countermeasureagainst the problem of being required to show a password for eachencrypted data file.

SUMMARY

Aspects of the present invention provide a printing apparatus capable ofreducing the time and trouble of inputting a password, without loweringa security level, when a plurality of encrypted files are printed outdirectly from a storage device by using a printer.

An aspect of the invention provides a printing apparatus comprising: adata reading unit that reads data from a storage device that can storepieces of data, the data reading unit being connectable to the storagedevice; an input panel that accepts an input a password used to decryptencrypted data stored in the storage device; a password storing unitthat stores the input password; a data decrypting unit that decrypts theencrypted data by using the stored password; a decrypted data storingunit that temporarily stores the decrypted data; and a re-decryptingunit that decrypts other encrypted data stored in the storage device byusing the stored password.

Another aspect of the invention provides a printing apparatuscomprising: a data reading unit that reads data from a storage devicethat can store pieces of data, the data reading unit being connectableto the storage device; an input panel that accepts an input a passwordused to decrypt encrypted data stored in the storage device; a passwordstoring unit that stores the input password; and a data decrypting unitthat decrypts the encrypted data by using the password, wherein thedecrypting unit uses the password stored in the password storage unit atleast twice to decrypt at least two different encrypted data which areencrypted by using the same password.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a solid perspective view of a printer according to a firstaspect of the present invention;

FIG. 2 is a block diagram of the printer according to the first aspect;

FIG. 3 is a schematic view showing a storage device and files stored inthe storage device according to the first aspect;

FIG. 4 is a flowchart when direct printing is performed in the firstaspect;

FIG. 5 is a flowchart showing the subroutine of a security check processaccording to the first aspect;

FIG. 6 is a flowchart showing the subroutine of a file search processaccording to the first aspect;

FIG. 7 is a flowchart showing the subroutine of a file management tableproduction according to the first aspect;

FIG. 8A shows an image of the inside of a storage device stored in afile management table when the overall index display is not prohibitedaccording to the first aspect, and FIG. 8B shows an image of the insideof a storage device stored in a file management table when the overallindex display is prohibited according to the first aspect;

FIG. 9 is a flowchart showing the subroutine of a printing processaccording to the first aspect;

FIG. 10 shows an operation image of files stored in a storage deviceaccording to the first aspect;

FIG. 11 is a flowchart showing the subroutine of a file printing processaccording to the first aspect;

FIG. 12 is a flowchart showing the subroutine of a decrypting processaccording to the first aspect;

FIG. 13 is a flowchart showing the subroutine of an index printingprocess according to the first aspect;

FIG. 14 is a flowchart showing the subroutine of a file search processaccording to a second aspect of the present invention;

FIG. 15 is a flowchart showing the subroutine of a file decryptingprocess according to the second aspect;

FIG. 16 is a flowchart showing the subroutine of a file printing processaccording to the second aspect;

FIG. 17 is a flowchart showing the subroutine of an index printingprocess according to the second aspect;

FIG. 18 is a flowchart showing the routine of a direct printing processaccording to a third aspect of the present invention;

FIG. 19 is a flowchart showing the subroutine of a file search processaccording to the third aspect;

FIG. 20 is a flowchart showing the subroutine of a file printing processaccording to the third aspect;

FIG. 21 is a flowchart showing the subroutine of an index printingprocess according to the third aspect; and

FIG. 22 is a block diagram showing the whole structure of a system ofJP-A-2005-99948.

DETAILED DESCRIPTION

Illustrative aspects of the present invention will be hereinafterdescribed with reference to the drawings.

(First Aspect)

The structure of a printer 10 will be first described.

FIG. 1 is a solid perspective view of the printer according to a firstaspect of the present invention.

The printer 10 may be a multifunctional printing apparatus having a copyfunction, a scanner function and a fax function, in addition to a printfunction.

An operation panel 11 is provided on the upper surface of the printer10. The operation panel 11 includes an input panel 12 a, an operatingsection 12 b and a liquid crystal panel display section 13 functioningas a display unit.

A USB port 14 and a slot 15 are provided at the front side of theprinter 10.

FIG. 2 is a block diagram showing a schematic structure of the printeraccording to the first aspect.

As shown in FIG. 2, in the printer 10, a CPU 21, a ROM 22, a RAM 23 andan EEPROM 24 are connected to a bus 25. An ASIC 26 is connected to thebus 25, a printer section 31, a scanner section 32, a panel GA 33, anLCD controller 34, the slot 15, a parallel I/F 35, the USB port 14 andan NCU 36, etc.

The input panel 12 a and the operating section 12 b are connected to thepanel GA 33. The liquid crystal panel display section 13 is connected tothe LCD controller 34. A modem 37 is connected to the NCU 36.

As in the same type of general printers, a user operates the input panel12 a, the operating section 12 b and the liquid crystal panel displaysection 13 included in the operation panel 11 of the printer 10.Accordingly, printing operation of the printer 10 can be performed.

The printer 10 may print out data stored in a storage device in a directprinting mode by connecting a storage device, such as a USE memory 50,which serves to store pieces of data, to the USE port 14 functioning asa data readout unit provided in the printer 10. Alternatively, theprinter 10 may print out data stored in a storage device by connecting astorage device such as a memory card (not shown) to the slot 15.

Herein, any type of storage device can be used as the storage device solong as the storage device is a medium capable of being connected to ordisconnected from the printer 10 when the printer 10 is operating. As anexample used in the following explanation in this aspect, the USE memory50 is used as the storage device.

Additionally, let it be supposed that the printer section 31 functioningas a print engine has an engine using, for example, a laser beam.However, since usage of another type of print engine other than thelaser beam using engine never affects the present invention, varioustypes of print engines can be used.

Next, operations in the first aspect will be described,

FIG. 3 is a schematic view showing the storage device according to thefirst aspect and files stored in the storage device.

The USB memory 50 is a storage device that is used as a data storagemedium by being inserted into the USE port 14 formed in the printer 10.A file F1 to a file F11 are stored in the storage area of the USB memory50.

Thereamong, the files F1, F2 and F4 to F10 are encrypted, and passwordsare required to be input for reading these files. The files F3 and F11are not encrypted.

For convenience of explanation, let it be supposed that the files F1,F2, F6 and F9 are encrypted by using the same password “0001,” as anexample.

Likewise, let it be supposed that the files F4, F5 and F10 are encryptedby using the same password “0002” as an example.

Likewise, let it be supposed that the files F7 and F8 are encrypted byusing the same password “0003” as an example.

FIG. 4 is a flowchart of steps followed when direct printing isperformed, which is a main flow in the first aspect.

When a user of the printer 10 performs direct printing by inserting theUSB memory 50 into the USB port 14, the internal processing of theprinter 10 is performed with the flow shown in FIG. 4.

When a direct printing process is started, the storage device is checkedat step S1. In this aspect, the start of the direct printing process isconditional on the fact that the storage device has been connected.Therefore, a detailed description is omitted of checking whether the USEmemory 50 is present or absent and whether the USB memory 50 is in anormal accessible state. If a fail in checking the storage device occurshere, the process is ended, although the flowchart of FIG. 4 does notshow this.

If the USB memory 50 is of a type that is required to make a securitysetting and a password is required to be input a password when the USBmemory 50 starts being used, the process is performed here.

At step S2, the process skips to a subroutine of a security checkprocess. The security check process is a subroutine to acquire apassword, and will be later described in detail with reference to thedrawings.

If the security check process is ended, the process skips to asubroutine of a file search process for searching files at step S3. Thefile search process 5 searches or retrieves files stored in the USBmemory 50, and will be later described in detail with reference to thedrawings.

If a file that can be printed is found through the file search process,a file management table is produced and is stored in the RAM 23.

The process then proceeds to step S4 where variables are initialized. Inthis aspect, for convenience of explanation, a variable N for a printingprocess is set.

At step S5, the process skips to a subroutine of a printing process. Theprinting process prints out the contents of data files stored in the USBmemory 50, which will be later described in detail with reference to thedrawings.

The process then proceeds to steps S6, S7 and S8 where a check whetherthe routine has been discontinued is made.

In the first aspect, a check whether an exit occurs from a directprinting menu is made at step S6, a check whether the storage device hasbeen pulled out is made at step S7, and a check whether a time-out hasbeen reached is made at step S8.

If these flags are ON, stored passwords and all data opened during theprocess are deleted at step S9, and the direct printing process isended.

When the data are deleted, sufficient care for security, such as theoverwriting of meaningless data, is taken so that the internal storageis completely erased.

If the flags are not ON at steps S6, S7 and S8, the process againreturns to the subroutine of the printing process of step S5.

A check whether an exit has been made from a direct printing menu, whichis made at step S6, ends the process if the user gives instructions toend the direct printing.

A check whether the storage device has been pulled out, which is made atstep S7, ends the process in accordance with an intention with which theuser ends the direct printing by directly pulling out the USB memory 50.

Alternatively, this check made at step S7 ends the process as a measureagainst the possibility that an unexpected accident will cause the USBmemory 50 to slip off from the printer 10 or to break down.

A check whether a time-out has been reached, which is made at step S8,improves a security level. In other words, when a user leaves theprinter 10 neglected in a state in which a password is being inputtherein, this check is made to impose given limitations so that anotheruser does not freely print out or display a printer-operation filewithout permission.

Preferably, an interruption check is also made during other subroutinesalthough no description of the confirmation of the time-out is given.Since a malicious third person can easily print out data, for example,when a user leaves the printer 10, this check has the meaning ofpreventing such a malicious act.

Next, description will be given of the contents of the subroutine ofFIG. 4.

First, description will be given of the subroutine of the security checkprocess performed at step S2 of FIG. 4.

FIG. 5 is a flowchart showing the subroutine of the security checkprocess according to the first aspect.

In the security check process, a process to acquire a password for filesstored in the USB memory 50 is performed.

A check whether a user is in a login state is made at step S10. Theprinter 10 is structured so as to operate in accordance with a settingthat corresponds to a user ID if the user ID and a passwordcorresponding to this user ID are input when the printer 10 is actuatedor when the print function, the copy function, the scanner function, orthe fax function described above is selected as an execution mode.

A user ID, a password and setting information are prestored as userinformation in the thus structured printer.

A user occasionally uses a password, which is identical to the passwordprestored as user information in the printer 10, as a file-readingpassword.

If the user inserts the USB memory 50 into the printer 10 in a presetlogin state (S10: Yes), a confirmation of whether a password is input ornot is required of the user at step S11. It the user is not in a loginstate (S10: No), the process proceeds to step S14.

The input of a selection of whether the password is input or not isreceived from the user at step S11. If the input indicates that thepassword is not input (S11: No), the password is read from the userinformation at step S12. The password is registered in a passwordstorage area that functions as a password storage unit of the RAM 23 atstep S13. If the input indicates that the password is input at step S11(S11: Yes), the process proceeds to step S14.

At step S14, the password is input by using the input panel 12 a if theuser is not in a user login state at step S10 (S10: No), or if aselection to input the password is made at step S11 (S1: Yes). At stepS13, the password is registered in the password storage area of the RAM23.

For convenience of explanation, let the password obtained at steps S12and S14 be “10001” as an example

The security check process is ended in this way.

Next, description will be given of a subroutine of the file searchprocess performed at step S3 of FIG. 4.

FIG. 6 is a flowchart showing the subroutine of the file search processaccording to the first aspect.

In the file search process that functions as a data retrieving unit, anoperation to examine files stored in the USB memory 50 is performed.

A file search variable F is initialized at step S20. The file searchvariable F is then counted up at step S21.

Files in the USB memory 50 are searched at step S22. Files F1 to F11 arestored in the USB memory 50 and are sequentially searched or retrieved.For example, if the file search variable F is 1, the file F1 will befound.

A confirmation of whether a file has been found is made at step S23, andsince the file F1 has been found here (S23: Yes), the process proceedsto a subroutine of a file management table production at step S24.

In the subroutine of the file management table production, files storedin the USB memory 50 are examined, and the state of the files isrecorded in RAM 23 so as to be used in other subroutines. Detailsthereof will be later described with reference to the drawings.

If no file has been found at step S23 (S23: No), the process proceeds tostep S25.

A check as to whether not-yet-searched files exist is made at step S25.If not-yet-searched files exist (S25: Yes), the file search variable Fis again counted up to search the following file at step S21.

If not-yet-searched files do not exist at step S25 (S25: No), the filesearch process is ended.

All files stored in the USB memory 50 are searched in this way.

Next, description will be given of the subroutine of the file managementtable production performed at step S24 of FIG. 6.

FIG. 7 is a flowchart showing the subroutine of the file managementtable production according to the first aspect.

In the subroutine of the file management table production, the state offiles stored in the USB memory 50 is examined, and a file managementtable is formed in an area provided in the RAM 23.

After branching from the subroutine of the file search process, adetermination as to whether the overall index display is prohibited ismade at step S30.

Whether or not the overall index display is prohibited depends on asecurity level to be set. In this aspect, that can be determined by asecurity setting that is set in the USB memory 50 functioning as astorage device, or can be determined by a security setting that is setin the printer 10.

If a determination that the overall index display is prohibited is madeat step S30 (S30: Yes), a flag showing a prohibition against the overallindex display is made ON at step S31.

An examination as to whether the F-th file has been encrypted is made atstep S32. A file search variable F that is set in FIG. 6 is used here.The value of the file search variable F is counted up at step S21 ofFIG. 6.

If a determination that the F-th file has been encrypted is made at stepS33 (S33: Yes), the process proceeds to step S34 where an examination asto whether the F-th file can be decrypted by a registered password ismade. If the F-th file has not been encrypted (S33: No), the processproceeds to step S38.

If the F-th file selected above can be decrypted by a passwordregistered in the RAM 23 at step S34 (S34: Yes), the process proceeds tostep S35 where the fact that the F-th file can be decrypted is stored inan area of the file management table provided in the RAM 23. If the F-thfile cannot be decrypted, the process proceeds to step S36.

If a determination that the S-th file has not been encrypted is made atstep S33 (S33: No), the process proceeds to step S38 where the fact thatthe F-th file detected above is an unencrypted file is stored in an areaof the file management table provided in the RAM 23.

If the F-th file detected at step S34 has been encrypted (S33: Yes) andcannot be decrypted by the registered password (S34: No), the processproceeds to step S36 where a confirmation of whether an overall indexdisplay flag is ON is made. If the overall index display flag is in anON state (S36: Yes), the process proceeds to step S37 where the factthat the F-th file is a secret file is stored in the memory.

If an overall index display prohibition flag is not in an ON state atstep S36 (S36: No), the files are not numbered. In other words, if notin an ON state, information concerning a file is not stored in the filemanagement table.

The file detected as the F-th file is numbered at step S39. The totalnumber of files detected at this time is stored in the RAM 23.

All files stored in the USB memory 50 are examined, and necessaryinformation is stored in the file management table by looping thesubroutine of the file management table production as a file searchprocess.

FIG. 8A and FIG. 8B show the contents stored in the file managementtable.

FIG. 8A shows an image in the storage device stored in the filemanagement table when the overall index display in the first aspect isnot prohibited, FIG. 8B shows an image in the storage device stored inthe file management table when the overall index display in the firstaspect is prohibited.

Since data of the files F1 to F11 are stored in the USB memory 50 asshown in FIG. 3, information about features or characteristics of eachfile is registered in the file management table.

For example, if the password registered in the RAM 23 is “00001,” thefiles F3 and F11 that have not been encrypted are registered in the filemanagement table as unencrypted files, as a result of a confirmation atstep S33 of the subroutine of the file management table production ofFIG. 7.

Additionally, as a result of a confirmation at step S34 of FIG. 7, thefiles F1, F2, F6 and F9, which can be decrypted by the registeredpassword, are classified as decryptable files at step S35.

Additionally, as a result of a confirmation at step S36 of FIG. 7, thefiles F4, F5, F7, F8 and F10, which cannot be decrypted by registeredpasswords other than the above one, are classified as secret files.

However, there is a difference in the contents of the file managementtable between a case in which a determination that the overall indexdisplay is not prohibited at step S30 of FIG. 7 and a case in which adetermination that the overall index display is prohibited at step S30.

In more detail, if the overall index display is not prohibited, all thecontents of the files F1 to F11 are stored in the file management tableas shown in FIG. 8A, and numbers 1 to 11 are assigned thereto in orderof the data files.

On the other hand, if the overall index display is prohibited, only sixfiles, i.e., the files F1, F2, F3, F6, F9 and F11 are stored in the USBmemory 50 as shown in FIG. 8B. Accordingly, numbers 1 to 6 are assignedthereto.

Next, description will be given of the subroutine of the printingprocess performed at step S5 of FIG. 4.

FIG. 9 is a flowchart showing the subroutine of the printing processaccording to the first aspect.

In the subroutine of the printing process, either a file printingprocess or an index printing process is selected.

The file management table recorded in the RAM 23 is read at step S40. AnN-th detected file of the file management table is selected at step S41.Since numeral 1 has been pre-assigned to the printing variable N usedfor printing process at step S4 of FIG. 4 in this aspect, the file F1,which is the first file, is selected. The process then proceeds to stepS42.

An N-th searched file is displayed on the liquid crystal panel displaysection 13 at step S42. Therefore, since the printing variable N is 1, afile name, or the like, of the file F1 is displayed thereon.

The process then proceeds to step S43 where a determination as towhether the up-down key has been pressed in the operating section 12 bis made. If the up-down key has been pressed (S43: Yes), the processproceeds to step S44. If not (S43: No), the process proceeds to step350.

The printing variable N is counted up at step S44.

FIG. 10 shows an operation image of files stored in the storage deviceaccording to the first aspect.

An N-th file, which is a presently-selected file, is shown on the liquidcrystal panel display section 13. The N-th file is changed to another byoperating the operating section 12 b. In response to this, the value ofthe printing variable N used as a variable is increased or decreased.

Although this process is performed through the subroutine, the contentsthereof are not necessitated to describe the present invention in thefirst aspect. Hence, description thereof is omitted.

If the overall index display is not prohibited, information concerningthe 11 files is stored in the file management table as shown in FIG. 8A.Therefore, the total number of detected files is 11, and the item indexprinting is added in addition thereto so as to be selected on the liquidcrystal panel display section 13.

If the overall index display is prohibited, information concerning thesix files is stored in the file management table as shown in FIG. 8B.Accordingly, the total number of detected files is 6.

As a result of counting up the printing variable N, the form shown inFIG. 10 is displayed on the liquid crystal panel display section 13.

A determination as to whether the value of the printing variable N hasexceeded the total number of searched files is made at step S45 of FIG.9. If the value of the printing variable N has exceeded the total numberof searched files (S45: Yes), the process proceeds to step S46. If not(S45: No), the process proceeds to step S48.

Numeral 0 is assigned to the printing variable N at step S46. Theprocess then proceeds to step S47.

“INDEX PRINT” is displayed on the liquid crystal panel display section13 at step S47. The process then proceeds to step S50.

The same operation as at step S41 is performed at step S48. That is, theN-th file of the file management table is selected at step S48. Theprocess then proceeds to step S49.

The N-th searched file selected at step S48 is displayed on the liquidcrystal panel display section 13 at step S49.

A confirmation of whether a determination key provided in the operatingsection 12 b has been pressed is made at step S50. If the determinationkey has been pressed (S50: Yes), the process proceeds to step S51. Ifnot (S50: No), the process proceeds to step S54.

The value of the printing variable N is checked at step S51. It thevalue of the printing variable N is “0” (S51: 0), the process proceedsto step S53. If the value of the printing variable N is “1 or more”(S51: 1 or more), the process proceeds to step S52.

The subroutine of the file printing process is executed at step S52. Thecontents of this will be described later. The process then proceeds tostep S54.

The subroutine of the index printing process is executed at step S53.The contents of this will be later described later. The process thenproceeds to step S54.

A check as to whether a completion event has occurred is made at stepS54. This completion event is the same as the contents shown at stepsS6, S7 and S8 of FIG. 4. This process is performed because a setting tobe looped until the completion event occurs is provided in the printingprocess routine of FIG. 9. If the completion event has occurred (S54:Yes), the subroutine of the printing process is ended. If not (S54: No),the process proceeds to step S43.

Next, description will be given of the subroutine of the file printingprocess performed at step S52 of FIG. 9.

FIG. 11 is a flowchart showing the subroutine of the file printingprocess according to the first aspect.

In the subroutine of the file printing process, a printing process of aselected file is performed.

First, an N-th file that has been detected in the USB memory 50 and thathas been stored in the file management table is selected at step S55. Ifthe printing variable N used for printing is 1, the file F1 in the USBmemory 50 is selected.

The data management table stored in the RAM 23 is examined, and anexamination as to whether this file is an unencrypted file is made atstep S56. If this is not an unencrypted file (S56: No), the N-th file isan encrypted file.

If a prohibition flag of the overall index display is in an ON state atstep S31 in the flow of FIG. 7, the encrypted file is a decryptable filehere. If not, the encrypted file is either a decryptable file or asecret file.

Therefore, the subroutine of the decrypting process is executed at stepS57.

A determination as to whether a decrypting operation has succeeded inthe subroutine of step S57 is made at step S58. If the decryptingoperation has succeeded (S58: Yes), the contents of the file decryptedat step S57 are output by the printer section 31 at step S59, and thissubroutine is completed.

If a determination that the decrypting operation has failed is made atstep S58 (S58: No), a warning that this is a nonprintable file is issuedat step S60, and the subroutine is completed. The warning may be printedout by the printer section 31, or may be displayed on the liquid crystalpanel display section 13.

If a determination that this is an unencrypted file is made at step S56(S56: Yes), printing is performed at step S59 without performing thedecrypting process, and the subroutine of the file printing process iscompleted.

Next, description will be given of the subroutine of the decryptingprocess performed at step S57 of FIG. 11.

FIG. 12 is a flowchart showing the subroutine of the decrypting processaccording to the first aspect.

In the subroutine of the decrypting process, a selected file isdecrypted.

First, the kind of a selected N-th file is determined from a header andan extension of the file at step S61.

Based on information managed by the file management table, anexamination as to whether the selected N-th file is a secret file ismade at step S62.

If the file is not a secret file (S62: No), the selected N-th file is adecryptable file. Hence, a password stored in the RAM 23 is acquired atstep S66. If the file is a secret file (S62: Yes), the process proceedsto step S63.

The password is acquired from the RAM 23 at step S66, and then the fileis decrypted at step S67, thus completing the decrypting process.

If the file is a secret file (S62: Yes), the file cannot be decrypted bythe password stored in the RAM 23. Therefore, a new password is requiredat step S63, and the input panel 12 a is allowed to input the newpassword.

If the file can be decrypted by the new password at step S64 (S64: Yes),the file is decrypted by the new password at step S65, thus completingthe decrypting process.

If the N-th secret file cannot be decrypted at step S64 (S64: No), aconfirmation of whether the limit of the number of password inputoperations has been exceeded is made at step S68. If not (S68: No), theprocess proceeds to step S63 where a new password is again required toexecute decryption.

On the other hand, if the limit of the number of password inputoperations has been exceeded at step S68, a failure-in-decryption flagis made ON at step S69, thus completing the decrypting process.

Next, description will be given of the subroutine of the index printingprocess performed at step S53 of FIG. 9.

FIG. 13 is a flowchart showing the subroutine of the index printingprocess according to the first aspect.

In the subroutine of the index printing process, an image of filesstored in the USB memory 50 is output as an index. If anoverall-index-display prohibition flag is not in an ON state at step S31in the flow of FIG. 7, an image shown in FIG. 8A is output. If anoverall-index-display prohibition flag is in an ON state, an image shownin FIG. 8B is output.

First, an index variable used for indexing is initialized at step S70.An index variable M is used in this aspect, and the value of the indexvariable M is set at 0.

The index variable M is counted up at step S71, and an examination as towhether this is an encrypted file is made at step S72.

If the M-th file in the file management table is an encrypted file (S72:Yes), an examination as to whether this is a secret file is made at stepS73. If the M-th file is not an encrypted file (S72: No), the processproceeds to step S76.

If the file is not a secret file at step S73 (S73: No), a passwordstored in the RAM 23 is read at step S74. If the file is a secret file(S74: Yes), the process proceeds to step S80.

The password is acquired at step S74, and the file is decrypted therebyat step S75.

Thereafter, the file is imaged at step S76, and the process proceeds tostep S77 where the image formed at step S76 is spread at the M-thposition of index images to be output.

A check as to whether the value of the index variable M exceeds thetotal number of searched files stored in the file management table ismade at step S78. If not (S78: No), the variable is again counted up atstep S71.

If the M-th file is not an encrypted file at step S72 (S72: No), theM-th file is an unencrypted file. Hence, the process branches to stepS76 where the file is imaged.

If a determination that this is a secret file is made at step S73 (S73:Yes), an alternative image is called and spread at the M-th position ofthe index images at step S80.

Then checking is performed at step S78. If the value of the indexvariable M exceeds the total number of the files at step S78 (S78: Yes),an index image produced in the subroutine is printed, thus completingthe subroutine of the index printing process.

Next, description will be given of operational advantages in the firstaspect.

The invention in the first aspect is the structure of the printer 10described above. Based on the flow shown in each of FIG. 4 to FIG. 13,file printing or index printing is performed for data of the files F1 toF11 stored in the USB memory 50.

In this case, to protect the data indicating the contents of the filesF1 to F11, these files are encrypted by each individual password.Heretofore, each password is required to be input for each file in orderto print out these files. However, if the files are encrypted by thesame password as in the first aspect of the present invention, printingcan be performed in a less troublesome manner without repeatedlyinputting passwords.

As described above, in practice, there are not that many passwords thatare repeatedly used when a user encrypts files.

Although each individual password should, of course, be used for eachfile from the viewpoint of security enhancement, there is no advantageto setting passwords if the user has no memory of all of the passwords.However, to increase the effectiveness of a password, in many cases, thepassword is required to be formed as a six-digit number, an eight-digitnumber, or an alphanumeric combination. There is also a case in whichthe password is required to be formed as a number having nine or moredigits. Therefore, it is difficult for the user to memorize passwordsproportionate to the number of files.

Therefore, normally, the same password is used for a plurality of files.For example, if there are business files that are used in the samedivision of a company, the same password shared in the division is usedfor the files. Even in private use, in many cases, the same kind offiles are encrypted by using the same password.

According to the first aspect of the present invention, files encryptedby the same password are stored in the USE memory 50, and this USBmemory 50 is inserted into the USB port 14 of the printer 10.Thereafter, the password is input by using the input panel 12 a. As aresult, advantageously, the files encrypted by the same password can beprinted out without repeatedly inputting other passwords.

It is certainly tiresome and painful to input the same password wheneverfiles are printed out, thereby lowering working efficiency.

Since the user psychologically wishes to avoid such a time-consumingoperation, a decrease in security will be brought about.

However, in the printing apparatus according to the first aspect, thefour files encrypted by the password “0001,” i.e., the files F1, F2, F6and F9 among the files stored in the USB memory 50 can be printed outmerely by inputting the password once.

Therefore, the user can improve the working efficiency in a lesstroublesome manner, and can prevent a decrease in security caused by,for example, using unencrypted files so as to avoid a time-consumingoperation.

Index printing is effective because an at-a-glance easy recognition canbe achieved when the structure of files stored in the USB memory 50 isexamined and when the liquid crystal panel display section 13 is notlarge enough to be seen.

Although description has been given of the ON condition of a flag,showing whether or not the overall index display is prohibited withreference to FIG. 7, the overall index display can be prohibited. Thisdepends on the UBE memory 50. Hence, it is recommended to change thesecurity level according to how the USB memory 50 is operated. A secretfile is not displayed by prohibiting the overall index display, and onlytwo kinds of files, i.e., a file that can be decrypted by auser-memorized password and an unencryted file are displayed.Accordingly, a higher security level can be achieved.

As described above, according to the printing apparatus of the firstaspect, the following excellent operations and effects are achieved.

(1) The printing apparatus includes the USB port 14 connected to the USBmemory 50 so as to read data from the USB memory 50 that can storepieces of data, the input panel 12 a used to input a password used todecrypt encrypted data stored in the USB memory 50, the RAM 23 thatstores the password input by the input panel 12 a, the data decryptingunit (which is realized by the CPU 21 at steps S65, S67 and S75) fordecrypting the encrypted data by using the password stored in the RAM23, the RAM 23 that temporarily stores the encrypted data decrypted bythe data decrypting unit and the printer section 31 that prints out theencrypted data decrypted by the data decrypting unit. The thusstructured printing apparatus is characterized by further including theredecrypting unit (which is realized by the CPU 21 at step S57) fordecrypting other encrypted data stored in the USB memory 50 by using thepassword used when the data decrypting unit decrypts the encrypted data.Therefore, as a result of the use of the same password stored in thesingle USB memory 50, a plurality of encrypted data file scan becontinuously printed out without again inputting the password, and thetime-consuming operation of repeatedly inputting passwords can beeliminated. Thus, usability can be improved.

If a password is set for each individual data file, the data files areencrypted by mutually different passwords, respectively. As a result,the security level is heightened, and desirable data management can becarried out. However, usually, a user uses a large number of data files.If unique passwords are set for the different data files, the usercannot memorize so many passwords.

Therefore, in most cases, the number of passwords used by a single useris two or three. Moreover, the user may use the same password for aplurality of data files.

In these cases, if a plurality of encrypted data files are stored in astorage device and are printed out by a printer in a direct printingmode, the same password must be troublesomely input repeatedly by thenumber of printing operations. However, if the printer memorizes apassword that has been input once, there is no need to repeatedly inputthe password when a data file having the same password is again printedout, thus usability can be improved.

Concerning security, since a user inserts the USB memory 50 directlyinto the printer 10 and then inputs a password, security is not loweredeven if the password is stored in the RAM 23 of the printer 10, becausethe password is eliminated at a timing, e.g., when the user leaves theprinter 10.

(2) The printing apparatus described in the item (1) is characterized inthat the redecrypting unit (which is realized by the CPU 21 at step S57)includes a data retrieving unit (which is realized by the CPU 21 at stepS3) for retrieving decryptable encrypted data that can be decrypted bythe input password from the files F1 to F11 stored in the USE memory 50,and a retrieved-encrypted-data decrypting unit (which is realized by theCPU 21 at steps S66 and S67) for decrypting decryptable encrypted datathat has been retrieved by the data retrieving unit by using thepassword stored in the RAM 23. Therefore, files that can be printed outcan be retrieved on the side of the printer 10, and the user can beinformed of data that can be printed out by the input password.

As a result, the user can grasp data that can be printed out.

(3) The printing apparatus described in the item (2) is characterized inthat the re-decrypting unit (which is realized by the CPU 21 at stepS57) includes a determined-data printing unit (which is realized at stepS5) for displaying unencrypted data and the decryptable encrypted dataretrieved by the data retrieving unit (which is realized by the CPU 21at step S3) on the liquid crystal panel display section 13 in adeterminable manner and allowing the printer section 31 to print outeither the decryptable encrypted data or the unencrypted data as aresult of a selection therebetween. Therefore, an easy judgment can bemade about how much decryptable data and unencrypted data are stored inthe USB memory 50.

Encrypted data that cannot be decrypted by an input password may bedisplayed as secret data on the liquid crystal panel display section 13and may be printed out by the printer section 31.

Since the liquid crystal panel display section 13 of the printer 10 hasa limited space, an at-a-glance easy recognition can be improved byprinting out the data on sheets of paper.

(4) The printing apparatus described in any one of the items (1) to (3)is characterized by further including a data deleting unit (which isrealized by the CPU 21 at step S9) for deleting the password stored inthe RAM 23 and the encrypted data stored in the RAM 23 decrypted by thedata decrypting unit (which is realized by the CPU 21 at steps S65, S67and S75) and the re-decrypting unit (which is realized by the CPU 21 atstep S57) when a connection between the USB memory 50 and the USB port14 is broken or when a predetermined time elapses after inputting thepassword. Therefore, a case never occurs in which a password remains inthe printer 10 after a user uses the printer 10, so that the password ismisused. Therefore, the security level is heightened.

(Second Aspect)

Next, a second aspect will be described.

The structure of the printer 10 and the USB memory 50 are the same as inthe first aspect (FIG. 1 to FIG. 3). Herein, description thereof isomitted.

The second aspect differs from the first aspect in the file decryptingprocess.

This will be described using flowcharts as follows.

Since a main flowchart showing direct printing is the same as that ofFIG. 4 in the first aspect, description thereof is omitted.

A first difference from the first aspect resides in the subroutine ofthe file search process performed at step S3 of FIG. 4.

FIG. 14 is a flowchart showing the subroutine of the file search processin the second aspect.

The file search process examines files stored in the USB memory 50 inthe same way as in FIG. 6 of the first aspect. However, the secondaspect differs from the first aspect in the fact that decryptable filesare decrypted at this moment and are stored in the RAM 23.

First, a file search variable F used for a file search is initialized atstep S500. The file search variable F is then counted up at step S101.

Files stored in the USB memory 50 are searched at step S102. The filesF1 to F11 are stored in the USB memory 50 and are sequentially searched.For example, if the file search variable F is 1, the file F1 is found.

A confirmation of whether any file has been found is made at step S103.Since the file F1 has been found here (S103: Yes), the process skips tothe subroutine of the file management table production at step S104.

In the subroutine of the file management table production, the filesstored in the USB memory 50 are examined, and the state of these filesis recorded in the RAM 23 so that these can be used in othersubroutines. Since the subroutine of the file management tableproduction is the same as that of FIG. 7 shown in the first aspect,description thereof is omitted. The files stored in the USB memory 50are examined to determine whether these are unencrypted files,decryptable files, or secret files. Then, the examination results arestored. The total number of searched files is also examined by numberingthe files.

If no file has been found at step S103 (S103: No), the process proceedsto step S105.

The subroutine of the file decrypting process is executed to decryptdecryptable files found above at step S105. The subroutine of the filedecrypting process will be later described.

The contents of decrypted files are stored in the RAM 23 at step S106.In this case, let it be supposed that the RAM 23 has a sufficientstorage area.

A check whether a not-yet searched file exists is made at step S107. Ifa not-yet searched file exists, the file search variable F is againcounted up at step S101, and the following file is searched.

If a not-yet searched file does not exist at step S107 (S107: No), thefile search process is completed.

As described above, in the second aspect, all files stored in the USBmemory 50 are searched, and if a decryptable file is found, theencrypted file is decrypted at this moment and is then stored in the RAM23. For example, if the file search variable F is 1, the file F1 isfound. The password for this is “0001,” which is the same as that storedtherein. Therefore, the file F1 is decrypted at this moment and is thenstored in the RAM 23.

Next, description will be given of the subroutine of the file decryptingprocess performed at step S105 of FIG. 14.

FIG. 15 is a flowchart showing the subroutine of the file decryptingprocess according to the second aspect.

In the subroutine of the file decrypting process, all decryptable filessearched above are decrypted based on data stored in the RAM 23 byexecuting the subroutine of the file management table production shownin FIG. 7.

First, the kind of a selected F-th file is determined from a header andan extension of the file at step S110.

Based on information stored in the file management table, adetermination as to whether the F-th file is a decryptable file is madeat step S111. If the F-th file is a decryptable file (S111: Yes), apassword stored in the RAM 23 is read at step S112. If the F-th file isnot a decryptable file, the file decrypting process is completed withoutperforming any operations.

After the password is acquired at step S112, the decryptable file isdecrypted at step S113 and the file decrypting process is completed.

Then, the decrypted data is stored in the RAM 23 at step S106.

Thus, all files that have been determined to be decryptable files in thesubroutine of the file management table production are decrypted byallowing the subroutine of the file decrypting process to operate in thesubroutine of the file search process shown in FIG. 14.

The four files F1, F2, F6 and F9, which are decryptable files to bedecrypted by the stored password “10001,” are stored in the USB memory50. All of these four files are decrypted by executing the subroutine ofthe file search process shown in FIG. 14 and are stored in the form ofdecrypted data in the RAM 23.

The process then proceeds to the printing process performed at step S5of the direct printing process of FIG. 4.

Since the subroutine of the printing process is the same as that of thefirst aspect shown in FIG. 9, description thereof is omitted. At thismoment, a selection is made between the file printing process and theindex printing process.

Since this subroutine of the file printing process and this subroutineof the index printing process differ from those of the first aspect,these differences will be described.

First, description will be given of the subroutine of the file printingprocess performed at step S46 of FIG. 9.

FIG. 16 is a flowchart of the subroutine of the file printing processaccording to the second aspect.

In the subroutine of the file printing process, selected files areprinted out in the same way as in the first aspect. However, since thedecrypting operation has already been completed, there is no need todecrypt the files in this routine.

First, an N-th file stored in the file management table is selected atstep S115. Since the printing variable N is determined by allowing auser to operate the operating section 12 b at step S41 of FIG. 9, thefile is selected according to the value of the printing variable Ndetermined thereby.

For sake of simplicity, let it be supposed that the printing variable Nis 2 here. It the printing variable N is 2, the file F2 is selected.

An examination as to whether the file selected at step S116 is a secretfile is made. Herein, the file is determined not to be a secret file(S16: No), because the file F2 is recorded as a decryptable file in thefile management table.

The N-th file stored in the file management table is printed out at stepS117. Since the printing variable N is set at 2 as described above, thefile F2 is printed out here.

On the other hand, if the selected n-th file is determined to be asecret file at step S116 (S116: Yes), the warning that printing cannotbe performed because of a secret file is issued at step S118, and thefile printing process is completed.

It is permissible to employ a flow in which the password is againinquired. If this is agreeable, printing can be performed at step S118.

Thus, there is a difference in the routine between the file printingprocess of the first aspect shown in FIG. 11 and the file printingprocess shown in FIG. 16, depending on whether a decryptable file isdecrypted beforehand and stored in the RAM 23.

Next, description will be given of the subroutine of the index printingprocess.

FIG. 17 is a flowchart of the subroutine of the index printing processaccording to the second aspect.

In the subroutine of the index printing process, an image of filesstored in the USB memory 50 is output as an index. If anoverall-index-display prohibition flag is not in an ON state at step S31in the flow of FIG. 7, an image shown in FIG. 8A is output. If anoverall-index-display prohibition flag is in an ON state, an image shownin FIG. 8B is output. Although this is the same as in the first aspect,a partial difference in the flow exists between this aspect and thefirst aspect.

First, the index variable used for indexes is initialized at step S120.Herein, the index variable M is set at 0.

The index variable M is counted up at step S121, and an examination asto whether the file is an encrypted file is made at step S122.

If the M-th file of the file management table is an encrypted file(S122: Yes), an examination as to whether this is a secret file is madeat step S126. If the M-th file is not an encrypted file, the processproceeds to step S123.

If the file is a secret file at step S126 (S126: Yes), an alternativeimage is read for the secret file at step S127. The alternative imagespreads at the M-th position of the image files at step S128.

On the other hand, if the file is not a secret file at step S126 (S126:No), the file is stored as a decryptable file in the file managementtable. Since the file has already been decrypted at step S113 of FIG.15, a corresponding file is read from the RAM 23 and is imaged at stepS123.

The M-th file selected above has been determined to be an unencryptedfile or a decryptable file, and the selected M-th file is imaged at stepS123. Since the decryptable file has already been decrypted and storedin the RAM 23 as described above, there is no need to decrypt this whenimaged.

The image spreads at the M-th position of the image files at step S124.

A determination as to whether the value of the index variable X exceedsthe total number of searched files stored in the RAM 23 is made at stepS125. If not (S125: No), the process proceeds to step S121. If the valueof the index variable M exceeds the total number of searched files(S125: Yes), the image file is printed out at step S129, and thesubroutine of the index printing process is completed.

Thus, a difference in the routine exists between the index printingprocess of the first aspect shown in FIG. 12 and the index printingprocess shown in FIG. 17, depending on whether the decryptable file isbeforehand decrypted and stored in the RAM 23.

Next, the operational advantages of the second aspect will be described.

The invention in the second aspect is the structure of the printer 1described above. Based on the flow shown in FIG. 14 to FIG. 17 and theflow shown in FIG. 4, FIG. 5 and FIG. 7, which is the same as in thefirst aspect, data of the files F1 to F11 stored in the USB memory 50are selectively printed out in the form of file printing or indexprinting.

Although the files F1 to F11 are respectively encrypted by individuallycorresponding passwords at this time in order to protect the dataindicating the contents of the files, the invention in the second aspectenables the files encrypted by the same password to be printed out inthe same way as in the first aspect without the time-consuming operationof repeatedly inputting the password.

The second aspect greatly differs from the first aspect in the fact thatdecryptable files are decrypted beforehand and stored in the RAM 23 inthe subroutine of the file search process shown in FIG. 14.

This process makes it unnecessary to decrypt files when printed out.Hence, although more time is taken during the file search process thanduring that of the first aspect shown in FIG. 6, this process can beadvantageously performed in less time.

If the RAM 23 has a sufficient storage space, the files can be processedin less time at the subsequent steps by beforehand decrypting the filesas described above. Therefore, advantageously, there is no need todecrypt each individual file one by one, for example, when a largenumber of files are printed out.

Therefore, since printing can be carried out more swiftly, workingefficiency can be improved. Moreover, it is possible to avoid a decreasein security which is caused by using files without encryption so as toavoid a time-consuming operation, for example.

Data stored in the RAM 23 are not lowered in security level because thedata are deleted so that the password and the data do not remain in theprinter when the direct printing process is quitted at step S9 of FIG.4.

As described above, according to the printing apparatus of the secondaspect, the following excellent operations and effects are achieved.

(1) The printing apparatus includes the USB port 14 connected to the USBmemory 50 so as to read data from the USB memory 50 that can storepieces of data, the input panel 12 a used to input a password used todecrypt encrypted data stored in the USB memory 50, the RAM 23 thatstores the password input by the input panel 12 a, the data decryptingunit (which is realized by the CPU 21 at step S113) for decrypting theencrypted data by using the password stored in the RAM 23, the RAM 23that temporarily stores the encrypted data decrypted by the datadecrypting unit, and the printer section 31 that prints out theencrypted data decrypted by the data decrypting unit. The thusstructured printing apparatus is characterized by further including there-decrypting unit (which is realized by the CPU 21 at step S105) fordecrypting other encrypted data stored in the USB memory 50 by using thepassword used when the data decrypting unit decrypts the encrypted data.Therefore, the files F1 to F11 encrypted by using the same passwordstored in the single USB memory 50 can be continuously printed outwithout again inputting the password, and the time-consuming operationof repeatedly inputting passwords can be eliminated, thus usability canbe improved.

If a password is set for each individual data file, the data files areencrypted by mutually different passwords, respectively. As a result,the security level is heightened, and desirable data management can becarried out. However, usually, a user uses a large number of data files.If unique passwords are set for the different data files, the usercannot memorize so many passwords.

Therefore, in most cases, the number of passwords used by a single useris two or three. Moreover, the user may use the same password for aplurality of data files.

In these cases, if data such as those of the files F1 to F11 are storedin the USB memory 50 and are printed out by the printer 10 in a directprinting mode, the same password must be troublesomely input repeatedlyby the number of printing operations. However, if the printer 10memorizes a password that has been input once, there is no need torepeatedly input the password when a data file having the same passwordis again printed out, thus usability can be improved.

Concerning security, since a user inserts the USB memory 50 directlyinto the printer 10 and then inputs a password, security is not loweredeven if the password is stored in the printer 10, because the passwordis eliminated at a timing, e.g., when the user leaves the printer 10.

(2) The printing apparatus described in the item (1) is characterized inthat the re-decrypting unit (which is realized by the CPU 21 at stepS105) includes a data retrieving unit (which is realized by the CPU 21at step S3) for retrieving decryptable encrypted data that can bedecrypted by the input password from the files F1 to F11 stored in theUSB memory 50, and a retrieved-encrypted-data decrypting unit (which isrealized by the CPU 21 at steps S104, S105 and 107) for decryptingdecryptable encrypted data that has been retrieved by the dataretrieving unit by using the password stored in the RAM 23. Therefore,files that can be printed out can be retrieved on the side of theprinter 10, and the user can be informed of data that can be printed outby the input password.

As a result, the user can grasp data that can be printed out.

(3) The printing apparatus described in the item (1) is characterized inthat the re-decrypting unit (which is realized by the CPU 21 at stepS105) includes a data retrieving unit (which is realized by the CPU 21at step S3) for retrieving decryptable encrypted data that can bedecrypted by an input password from the files F1 to F11 stored in theUSB memory 50, a retrieved data decrypting unit (which is realized bythe CPU 21 at step S105) for decrypting the retrieved decryptableencrypted data by using the password stored in the RAM 23, and aretrieved and decrypted data storing unit (which is realized by the RAM23 at step S106) for storing the decrypted data decrypted by theretrieved data decrypting unit. Therefore, when a user prints out files,if a password is first input, printing can be performed without timeloss thereafter.

(4) The printing apparatus described in the item (2) or (3) ischaracterized in that the re-decrypting unit (which is realized by theCPU 21 at step S105) includes a determined-data printing unit (which isrealized at step S5) for displaying unencrypted data and the decryptableencrypted data retrieved by the data retrieving unit (which is realizedby the CPU 21 at step S3) on the liquid crystal panel display section 13in a determinable manner and allowing the printer section 31 to printout either the decryptable encrypted data or the unencrypted data as aresult of a selection therebetween. Therefore, an easy judgment can bemade about how much decryptable data and unencrypted data are stored inthe USE memory 50.

Encrypted data that cannot be decrypted by an input password may bedisplayed on the liquid crystal panel display section 13, and may beprinted out by the printer section 31.

Since the liquid crystal panel display section 13 of the printer 10 hasa limited space, an at-a-glance easy recognition can be improved byprinting out the data.

(5) The printing apparatus described in any one of the items (1) to (4)is characterized by further including a data deleting unit (which isrealized by the CPU 21 at step S9) for deleting the password stored inthe RAM 23 and the encrypted data stored in the RAM 23 decrypted by thedata decrypting unit (which is realized by the CPU 21 at step S113) andthe re-decrypting unit (which is realized by the CPU 21 at step S105)when a connection between the USB memory 50 and the USB port 14 isbroken or when a predetermined time elapses after inputting thepassword. Therefore, a case never occurs in which a password remains inthe printer 10 after a user uses the printer 10, so that the password ismisused. Therefore, the security level is heightened.

(Third Aspect)

Next, the structure of a third aspect will be described.

The structure of the printer 10 and the USB memory 50 are the same as inthe first aspect (FIG. 1 to FIG. 3). Herein, description thereof isomitted.

A difference between the third aspect and the first aspect lies inwhether a file management table is produced. A file management table isproduced in the first aspect, whereas a file management table is notproduced in the third aspect.

Therefore, FIG. 18 corresponds to FIG. 4 that is a main flow.

FIG. 18 is a flowchart showing the routine of the direct printingprocess that is a main flow in the third aspect.

In the third aspect, the flow of the direct printing process is almostthe same as in the first aspect. However, the subroutine of the filesearch process performed at step S3 of FIG. 4 is not executed in FIG.18. The subroutine of the security check process is executed at stepS131. Then, the printing variable N is initialized at step S132.

This point is a part differing from the first aspect. Steps subsequentto this point follow the same flow. Hence, description thereof isomitted.

The flow of the subroutine of the printing process performed at stepS133 is that of FIG. 19.

Next, description will be given of the subroutine of the printingprocess performed at step S133 of FIG. 18.

FIG. 19 is a flowchart showing the subroutine of the printing process ofthe third aspect.

Although this printing process is almost the same as that of FIG. 9 inthe first aspect, a file management table is not beforehand produced inthe third aspect. Therefore, when the subroutine of the printing processis started, an N-th searched file is selected at first at step S140.

Since a process for variables that is performed at step S140 is the sameas that performed at step S41 of FIG. 9, description thereof is omitted.However, since no file management table is provided here, a file name isconfirmed by accessing the USB memory 50.

Thereafter, the N-th file stored in the USB memory 50 is detected atstep S141 and is displayed on the liquid crystal panel display section13.

Likewise, the N-th file is searched directly from the USB memory 50 andis selected and displayed thereon at step S147 and step S148.

Thereafter, step S142, which corresponds to step S43, follows the sameflow as in the first aspect. Thus, description thereof is omitted.

The subroutine of the file printing process performed at step S151follows the flow shown in FIG. 20. The subroutine of the index printingprocess performed at step S152 follows the flow shown in FIG. 21.

Next, description will be given of the subroutine of the file printingprocess performed at step S151 of FIG. 19.

FIG. 20 is a flowchart showing the subroutine of the file printingprocess in the third aspect.

Although the subroutine of the file printing process is almost the sameas that of FIG. 11 in the first aspect, a file management table is notbeforehand produced in the third aspect. Therefore, step S154corresponding to step S55 is expressed in a different manner.

That is, the USB memory 50, not the file management table, is searchedat step S154, and the N-th file is directly selected.

The N-th file selected from the USB memory 50 is temporarily read intothe RAM 23, and an examination as to whether this is an unencrypted fileis made at step S155. If this is not an unencrypted file (S155: No), thesubroutine of the decrypting process is executed at step S156. Thissubroutine of the decrypting process is the same as in the first aspect.See the flow of FIG. 12.

If a determination that this is an unencrypted file is made at stepS155, the process proceeds to step S158.

Thereafter, step S156, which corresponds to step S57, and step S158,which corresponds to step S59, follow the same flow as in the firstaspect. Hence, description thereof is omitted.

Next, description will be given of the subroutine of the index printingprocess performed at step S152 of FIG. 19.

FIG. 21 is a flowchart showing the subroutine of the index printingprocess in the third aspect.

Although this subroutine of the index printing process is almost thesame as that of FIG. 13 in the first aspect, a file management table isnot beforehand produced in the third aspect. Hence, the contents ofsteps S72 to S75 of FIG. 13 are replaced by those of steps S162 to S165of FIG. 21. Furthermore, step S168 corresponding to step S78 isexpressed in a different manner.

That is, the M-th file among files stored in the USB memory 50 istemporarily read into the RAM 23, and an examination as to whether thisis an encrypted file is made at step S162. If this is not an encryptedfile (S162: No), the process proceeds to step S166.

If a determination that this is an encrypted file is made at step S162(S162: Yes), a password is acquired from the RAM 23 at step S163.

If the M-th file read therefrom can be decrypted by the acquiredpassword at step S164 (S164: Yes), the file is decrypted at step S165.If the M-th file cannot be decrypted thereby, the process proceeds tostep S170.

Thereafter, step S166, which corresponds to step S76, and step S170,which corresponds to step S80, follow the same flow as in the firstaspect. Hence, description thereof is omitted.

The reason why step S168 differs in expression from step S78 is that thetotal number of files stored in the USB memory 50 is checked at thispoint because of being provided with no file management table.

Next, the operational advantage of the third aspect will be described.

The invention in the third aspect is the structure of the printer 10described above. Based on the flow shown in FIG. 18 to FIG. 21 and theflow shown in FIG. 5 and FIG. 12, which is the same as in the firstaspect, data of the files F1 to F11 stored in the USB memory 50 areselectively printed out in the form of file printing or index printing.

Although the files F1 to F11 are respectively encrypted by individuallycorresponding passwords at this time in order to protect the dataindicating the contents of the files, the invention in the third aspectenables the files encrypted by the same password to be printed out inthe same way as in the first aspect without the time-consuming operationof repeatedly inputting the password.

The third aspect greatly differs from the first aspect in the fact that,as can be understood from a comparison between FIG. 18 and FIG. 4, thesubroutine of the file search process is not executed, and a filemanagement table, which is produced here, is not provided.

When files are searched, there is a need to directly access the USBmemory 50 because of being provided with no file management table asdescribed above. However, no production of such a file management tablemakes it possible to shorten time from when the USB memory 50 is set inthe printer 10 until when printing is started.

Additionally, because of being provided with no file management table,spatial pressure against the RAM 23 is reduced even if the RAM 23 doesnot have a sufficient storage space. Therefore, the occurrence of memorystorage, for example, can be prevented.

Since a time from when the USB memory 50 is set in the printer 10 untilprinting is started is short as described above, the CPU 21 and the RAM23 of the printer 10 can be made at low cost. Additionally,advantageously, printing can be performed in less time if the USB memory50 stores only a little amount of data.

As described above, according to the printing apparatus of the thirdaspect, the following excellent operations and effects are achieved.

(1) The printing apparatus includes the USB port 14 connected to the USBmemory 50 so as to read data from the USB memory 50 that can storepieces of data, the input panel 12 a used to input a password used todecrypt encrypted data stored in the USB memory 50, the RAM 23 thatstores the password input by the input panel 12 a, the data decryptingunit (which is realized by the CPU 21 at steps S156 and S165) fordecrypting the encrypted data by using the password stored in the RAM23, the RAM 23 that temporarily stores the encrypted data decrypted bythe data decrypting unit, and the printer section 31 that prints out theencrypted data decrypted by the data decrypting unit. The thusstructured printing apparatus is characterized by further including there-decrypting unit (which is realized by the CPU 21 at step S156) fordecrypting other encrypted data stored in the USB memory 50 by using thepassword used when the data decrypting unit decrypts the encrypted data.Therefore, a plurality of data files encrypted by using the samepassword stored in the single USB memory 50 can be continuously printedout without again inputting the password, and the time-consumingoperation of repeatedly inputting passwords can be eliminated, thususability can be improved.

If a password is set for each individual data file, the data files areencrypted by mutually different passwords, respectively. As a result,the security level is heightened, and desirable data management can becarried out. However, usually, a user uses a large number of data files.If unique passwords are set for the different data files, the usercannot memorize so many passwords.

Therefore, in most cases, the number of passwords used by a single useris two or three. Moreover, the user may use the same password for aplurality of data files.

In these cases, if data, such as those of the files F1 to F11, arestored in the USB memory 50, and are printed out by the printer 10 in adirect printing mode, the same password must be troublesomely inputrepeatedly by the number of printing operations. However, it the printer10 memorizes a password that has been input once, there is no need torepeatedly input the password when a data file having the same passwordis again printed out, thus usability can be improved.

Concerning security, since a user inserts the USB memory 50 directlyinto the printer and then inputs a password to use the printer, securityis not lowered even if the password is stored in the printer 10, becausethe password is eliminated at a timing, e.g., when the user leaves theprinter 10.

(2) The printing apparatus described in the item (1) is characterized byfurther including a data deleting unit (which is realized by the CPU 21at step S9) for deleting the password stored in the RAM 23 and theencrypted data stored in the RAM 23 decrypted by the data decryptingunit (which is realized by the CPU 21 at steps S156 and S165) and there-decrypting unit (which is realized by the CPU 21 at step S156) when aconnection between the USB memory 50 and the USB port 14 is broken orwhen a predetermined time elapses after inputting the password.

Therefore, a case never occurs in which a password remains in theprinter 10 after a user uses the printer 10, so that the password ismisused. Therefore, the security level is heightened.

The present invention is not limited to the above aspects. Variousmodifications can be embodied without departing from the scope of thepresent invention.

For example, in the first, second and third aspects, an inquiry may bemade to a user about what to select when the USB memory 50 is set in theprinter 10. This selection may be made in accordance with an operationalstate or a set value.

Additionally, each flowchart shown in the aspects is, of course, anexample. Therefore, the contents of a subroutine, as well as the timingor the operational manner of variables, may be changed within the scopeof the design concept of the present invention.

Additionally, although the first to third aspects have described thepassword input into the input panel 12 a as only one password stored inthe password storage area formed in the RAM 23, a plurality of passwordsmay be input from the input panel 12 a so that a data file can bedecrypted by a selected one of the passwords.

Additionally, although a decrypted file is used in the print function,the file may be used in the copy function, or may be faxed by performingthe fax function.

Additionally, a medium, such as a SmartMedia (registered trademark), aCompactFlash®, or an HDD card, which can be used as a storage and whichcan be recognized by a printing apparatus, may be employed instead ofthe USB memory 50.

As a matter of course, the USB memory 50 may be recognized through a USBhub connected to a USB port of a printing apparatus. The mediumsdescribed above may be recognized through a media reader.

Further, according to another aspect of the invention, in the printingapparatus, the re-decrypting unit includes: a data retrieving unit thatretrieves decryptable encrypted data from the pieces of data stored inthe storage device, the decryptable encrypted data being decryptable bythe input password; and a retrieved encrypted data decrypting unit thatdecrypts the retrieved decryptable encrypted data by using the storedpassword.

According to still another aspect of the invention, the printingapparatus further comprises a print engine that prints data, wherein there-decrypting unit further includes: a determined-data printing unitthat displays unencrypted data and the retrieved decryptable encrypteddata on a display unit and controls the print engine to print out eitherthe decryptable encrypted data or the unencrypted data as a result of aselection made from the decryptable encrypted data and the unencrypteddata.

According to still another aspect of the invention, in the printingapparatus, the re-decrypting unit includes: a data retrieving unit thatretrieves decryptable encrypted data from the pieces of data stored inthe storage device, the decryptable encrypted data being decryptable bythe input password; and a retrieved data decrypting unit that decryptsthe retrieved decryptable encrypted data by using the stored password;and a retrieved and decrypted data storing unit that stores thedecrypted data decrypted by the retrieved data decrypting unit.

According to still another aspect of the invention, the printingapparatus further comprises a print engine that prints data, wherein there-decrypting unit further includes: a determined-data printing unitthat displays unencrypted data and the retrieved decryptable encrypteddata on a display unit and controls the print engine to print out eitherthe decryptable encrypted data or the unencrypted data as a result of aselection made from the decryptable encrypted data and the unencrypteddata.

According to still another aspect of the invention, the printingapparatus further comprises a data deleting unit that deletes the storedpassword from the password storing unit and deletes the decrypted datafrom the decrypted data storing unit.

According to still another aspect of the invention, in the printingapparatus, the data deleting unit deletes the stored password and thedecrypted data when a connection between the storage device and the datareading unit is disconnected.

According to still another aspect of the invention, in the printingapparatus, the data deleting unit deletes the stored password and thedecrypted data when a predetermined time elapses after inputting thepassword.

According to still another aspect of the invention, in the printingapparatus, the stored password used by the re-decrypting unit is thesame as the password used by the data decrypting unit.

According to still another aspect of the invention, the printingapparatus further comprises a data deleting unit that deletes the storedpassword from the password storing unit and deletes the decrypted datafrom the decrypted data storing unit.

According to still another aspect of the invention, in the printingapparatus, the data deleting unit deletes the stored password and thedecrypted data when a connection between the storage device and the datareading unit is disconnected.

According to still another aspect of the invention, in the printingapparatus, the data deleting unit deletes the stored password and thedecrypted data when a predetermined time elapses after inputting thepassword.

According to aspects of the printing apparatus of the invention, aplurality of data files encrypted by using the same password stored inthe same storage device can be continuously printed out without againinputting the password when direct printing is performed and thetime-consuming operation of repeatedly inputting passwords can beeliminated. Thus, usability can be improved.

If a password is set for each individual data file, the data files areencrypted by mutually different passwords, respectively. As a result,the security level is heightened, and desirable data management can becarried out. However, usually, a user uses a large number of data files.If unique passwords are set for the different data files, the usercannot memorize so many passwords.

Therefore, in most cases, the number of passwords used by a single useris two or three, and it is not uncommon for the user to use the samepassword for a plurality of data files.

In these cases, if a plurality of encrypted data files are stored in astorage device and are printed out by a printer in a direct printingmode, the same password must be troublesomely input repeatedly by thenumber of printing operations. However, if the printer memorizes apassword that has been input once, there is no need to repeatedly inputthe password when a data file having the same password is again printedout, thus improving usability.

Concerning security, since a user connects the storage device directlywith the printer and then inputs a password, security is not loweredeven if the password is stored in the printer, because the password iseliminated at a timing, e.g., when the user leaves the printer.

Further, according to aspects of the printing apparatus of theinvention, files that can be printed out can be retrieved on the side ofthe printing apparatus, and a user can be informed of data that can beprinted out by the input password.

As a result, the user can grasp data that can be printed out.

Still further, according to aspects of the printing apparatus of theinvention, when a user prints out files, if a password is first input,printing can be performed without time loss thereafter.

Still further, according to aspects of the printing apparatus of theinvention, an easy judgment can be made about how much decryptable dataand unencrypted data are stored in the storage device.

Encrypted data that cannot be decrypted by an input password may bedisplayed on the display unit, and may be printed out by the printengine.

Since the display of the printing apparatus has a limited space, anat-a-glance easy recognition can be improved by printing out the data.

Still Further, according to aspects of the printing apparatus of theinvention, a case never occurs in which a password remains in theprinting apparatus after a user uses the printing apparatus, so that thepassword is misused. Therefore, the security level is heightened.

1. A printing apparatus comprising: a print engine that prints data; adata reading unit that reads data from a storage device that stores aplurality of pieces of data, the data reading unit being connectable tothe storage device; an input panel that accepts an input password usedto decrypt encrypted pieces of data stored in the storage device; apassword storing unit that stores the input password; wherein theplurality of pieces of data stored on the storage device can include:unencrypted pieces of data, decryptable encrypted pieces of data thatcan be decrypted using the stored password, and undecryptable encryptedpieces of data that cannot be decrypted using the stored password; adata decrypting unit that uses the stored password to decrypt some ofthe encrypted pieces of data; a decrypted data storing unit thattemporarily stores the decrypted data; and a re-decrypting unit thatdecrypts other pieces of encrypted data stored in the storage device byusing the stored password, the re-decrypting unit including a dataretrieving unit that retrieves a plurality of decryptable encryptedpieces of data from the plurality of pieces of data stored in thestorage device; a retrieved encrypted data decrypting unit that decryptsthe plurality of retrieved decryptable encrypted pieces of data usingthe stored password, wherein said printing apparatus is configured sothat said storage device can be connected to or disconnected from theprinting apparatus while the printing apparatus is operating, whereinthe re-decrypting unit also includes: a determined-data printing unitthat displays at least one unencrypted piece of data and the pluralityof retrieved decryptable encrypted pieces of data on a display unit andcontrols the print engine to print out at least one of the plurality ofdecryptable encrypted pieces of data or the at least one unencryptedpiece of data based on a selection made from the plurality ofdecryptable encrypted pieces of data and the at least one unencryptedpiece of data without requiring reentry of the password by a user. 2.The printing apparatus according to claim 1, wherein the data retrievingunit retrieves all decryptable encrypted pieces of data from theplurality of pieces of data stored in the storage device, and whereinthe retrieved encrypted data decrypting unit decrypts all the retrieveddecryptable encrypted pieces of data by using the stored password. 3.The printing apparatus according to claim 2, wherein the determined-dataprinting unit displays the at least one unencrypted piece of data andall the retrieved decryptable encrypted pieces of data stored on thestorage device on the display unit and controls the print engine toprint out at least one of the decryptable encrypted pieces of data orthe unencrypted data based on a selection made from all of thedecryptable encrypted pieces of data and the at least one unencryptedpiece of data without requiring reentry of the password by the user. 4.The printing apparatus according to claim 1, wherein the re-decryptingunit includes: a retrieved and decrypted data storing unit that storesthe decrypted retrieved data decrypted by the retrieved data decryptingunit.
 5. The printing apparatus according to claim 1, furthercomprising: a data deleting unit that deletes the stored password fromthe password storing unit and deletes the decrypted data from thedecrypted data storing unit.
 6. The printing apparatus according toclaim 5, wherein the data deleting unit deletes the stored password andthe decrypted data when a connection between the storage device and thedata reading unit is disconnected.
 7. The printing apparatus accordingto claim 5, wherein the data deleting unit deletes the stored passwordand the decrypted data when a predetermined time elapses after inputtingthe password.
 8. The printing apparatus according to claim 1, whereinthe stored password used by the re-decrypting unit is the same as thepassword used by the data decrypting unit.
 9. A printing apparatuscomprising: a print engine that prints data; a data reading unit thatreads data from a storage device that stores a plurality of pieces ofdata, the data reading unit being connectable to the storage device; aninput panel that accepts an input password used to decrypt encryptedpieces of data stored in the storage device; a password storing unitthat stores the input password; wherein the plurality of pieces of datastored on the storage device can include: unencrypted pieces of data,decryptable encrypted pieces of data that can be decrypted using thestored password, and undecryptable encrypted pieces of data that cannotbe decrypted using the stored password; a data decrypting unit that usesthe stored password to decrypt decryptable encrypted pieces of data, thedecrypting unit using the password stored in the password storage unitto decrypt at least two different decryptable encrypted pieces of data;and a determined-data printing unit that displays at least oneunencrypted piece of data and a plurality of decryptable encryptedpieces of data on the display unit and controls the print engine toprint out at least one of the plurality of decryptable encrypted piecesof data or the at least one unencrypted piece of data based on aselection made from the plurality of decryptable encrypted pieces ofdata and the at least one encrypted piece of data without requiringreentry of the password by the user, wherein said printing apparatus isconfigured so that said storage device can be connected to ordisconnected from the printing apparatus while the printing apparatus isoperating.
 10. The printing apparatus according to claim 9, furthercomprising: a data deleting unit that deletes the stored password fromthe password storing unit and deletes the decrypted data from thedecrypted data storing unit.
 11. The printing apparatus according toclaim 10, wherein the data deleting unit deletes the stored password andthe decrypted data when a connection between the storage device and thedata reading unit is disconnected.
 12. The printing apparatus accordingto claim 10, wherein the data deleting unit deletes the stored passwordand the decrypted data when a predetermined time elapses after inputtingthe password.
 13. The printing apparatus according to claim 1, whereinthe printing apparatus is configured to execute an index printingprocess in which an image of files stored in the storage device isoutput as an index, and wherein only unencrypted files and decryptableencrypted files that can be decrypted by the stored password aredisplayed.
 14. The printing apparatus according to claim 9, wherein theprinting apparatus is configured to execute an index printing process inwhich an image of files stored in the storage device is output as anindex, and wherein only unencrypted files and decryptable encryptedfiles that can be decrypted by the stored password are displayed. 15.The printing apparatus according to claim 1, wherein the storage deviceis a removable USB memory.
 16. The printing apparatus according to claim9, wherein the storage device is a removable USB memory.